GoSecure Blog
Hacktoberfest and Cybersecurity
For the sixth year, GoSecure is encouraging everyone to join Hacktoberfest. GoSecure has multiple projects open to contributions! For this specific event, we have tagged issues that are accessible to newcomers with the official tag [hacktoberfest].
Tell Me Where You Live and I Will Tell You About Your P@ssw0rd: Understanding the Macrosocial Factors Influencing Password’s Strength
To explore how a user’s environment influences password creation strategies, we present a blogpost series in which we consider several different perspectives – the macrosocial influence of your country (where you live), the influence of your peers (who your friends are), and a technical understanding of how they are attacked – to improve password security and mitigate the risk of poorly secured passwords.
Email Threats of the Second Quarter of 2022
Rampant inflation is driving an increase in email-based threats – both as threat actors feeling the pinch find it harder to pay their bills and as desperate recipients experiencing financial hardships of their own fall prey to their tactics. Learn what to watch for to protect yourself from these “too-good-to-be-true” schemes.
The Mass Effect: Opportunistic Workers Drift into Cybercrime
This blog post summarizes the results of a study that sheds light on ordinary workers conducting benign IT tasks, such as developing websites or translating texts, that contribute to cybercrime activities. The researchers from multiple organizations, including the GoSecure Titan Labs team, conducted a thematic analysis and used machine learning, as well as statistical tests on several datasets, to extract a general understanding of these workers and their mass effect.
Tableau Server Leaks Sensitive Information From Reflected XSS
GoSecure Titan Labs has identified a vulnerability within the Tableau Server that could allow malicious actors to extract sensitive data from the application. Tableau Server is an analytics platform owned by Salesforce used to see and understand data. This application is often hosted on premises to explore sensitive data in a trusted environment. According to a Shodan search which returned more than 18,000 results for this product, this application is widely used by companies to analyze data.
